Lost Royal Navy memory stick reportedly contained information on manoeuvres and UK personnel

A memory stick that contained ‘restricted' information on naval manoeuvres and personnel around the UK was reported missing last week.

A report in The Observer claimed that two senior detectives from the Royal Navy Police's special investigation branch met members of the Police Service of Northern Ireland to investigate the issue.

A USB device, that is understood to have contained 37 pages of information on Royal Navy personnel including name, ages and ranks, was found at the Odyssey car park, near the river Lagan. It was offered for sale to a newspaper, which declined the offer, and was later handed to the police in Bangor.

The report also claimed that it also contained ‘restricted' information on naval operations around the UK, and the whereabouts of Royal Navy officers. Security sources said this weekend that naval investigators would examine the device to see if any of the material was copied. They will also look for ‘electronic footprints' on the device to find out who last used it.

Jason Holloway, SanDisk Enterprise head of sales for Europe, said: “Although the memory stick was found and handed in, it's unknown if the restricted data on the device was copied. It's likely that the data was accessible, as it was offered for sale to a newspaper before the stick was returned.

“This shows why it's essential to hardware-encrypt data copied onto USB flash drives, and to make that encryption automatic and transparent to users, so they can't short-cut the protection.

“Many organisations are banning the use of personal, unauthorised USB devices and issuing key staff with managed, secure drives that can be audited and terminated if lost. This gives the benefits of using flash drives without the security risk.”

Anders Pettersson, CSO at BlockMaster said: "Careless behaviour with unsecure devices is rife as there is limited incentive to protect corporate information or the devices themselves are too cumbersome to use. Where devices are found and attempted to be sold as in this case there could be serious ramifications.

"Only recently the ICO called for custodial sentences for serious breaches following the death of a pensioner caused by illegal disclosure of police information. Luckily in this instance the lost USB device was handed to the police, but who knows what might happen next time or what happened to the data in between.

“USB devices need to be enhanced quickly and offer new features which give administrators complete control over portable software and the peace-of-mind that information is protected at all times. We are constantly working on upgrading our product so users can benefit from features such as restoring files and a lockout feature which prevents any unapproved device accessing the corporate network."

Sign up to our newsletters